How can I represent 'Authorization: Bearer <token>' in a Swagger Spec (swagger.json)

Elmer Thomas picture Elmer Thomas · Oct 2, 2015 · Viewed 149.6k times · Source

I am trying to convey that the authentication/security scheme requires setting a header as follows:

Authorization: Bearer <token>

This is what I have based on the swagger documentation:

securityDefinitions:
  APIKey:
    type: apiKey
    name: Authorization
    in: header
security:
  - APIKey: []

Answer

David Lopez picture David Lopez · Oct 7, 2015

Maybe this can help:

swagger: '2.0'
info:
  version: 1.0.0
  title: Based on "Basic Auth Example"
  description: >
    An example for how to use Auth with Swagger.

host: basic-auth-server.herokuapp.com
schemes:
  - http
  - https
securityDefinitions:
  Bearer:
    type: apiKey
    name: Authorization
    in: header
paths:
  /:
    get:
      security:
        - Bearer: []
      responses:
        '200':
          description: 'Will send `Authenticated`'
        '403': 
          description: 'You do not have necessary permissions for the resource'

You can copy&paste it out here: http://editor.swagger.io/#/ to check out the results.

There are also several examples in the swagger editor web with more complex security configurations which could help you.